How secure and safe are cloud storage servers?

We received this question from a supporter:
How secure and safe are cloud storage servers? I realise they are only as secure as your password, but what is the likelihood of somebody trying to steal your info from them?

It really depends on the service. It’s in their best interest to be as secure as possible, but no service is failsafe. Even dedicated security companies get hacked. That said, I’d personally wager it’s as
safe (perhaps even safer) than storing things on a personal PC, because most people have pretty
poor online habits that can easily lead to malware being installed on their computers or having their info stolen in other ways.

As you say, you need to make sure you have a secure password, but you can double down with some services such as OneDrive, which you need an account and password to use, but which also
has a ‘secure vault’ folder, which you can set a different password for that you have to enter every time you open it. My advice is to always do a quick google of the reliability of a cloud service before signing up. If there are problems with how they handle their systems or a history of security breaches, you’ll likely read about it.


There’s also the issue of longevity. I used to use an online service called Mozy.

From Wikipedia…

Mozy was an online backup service for both Windows and macOS users. Linux support was made available in Q3, 2014. In 2007 Mozy was acquired by EMC, and in 2013 Mozy was included in the EMC Backup Recovery Systems division’s product list. On September 7, 2016, Dell Inc. acquired EMC Corporation to form Dell Technologies, restructuring the original Dell Inc. as a subsidiary of Dell Technologies. On March 19, 2018 Carbonite acquired Mozy from Dell for $148.5 million in cash and in 2019 shut down the service, incorporating Mozy’s clients into its own online backup service programs.

I Did not stay with it. after the EMC acquisition…


I always believe if it is important enough then encrypt before you store in the Cloud. Plenty of free decent tools out there to encrypt files, folders and drives. The following are just some examples of what can be found.

AxCrypt has both a free and paid product

Various versions for different operating systems

For Disks/partitions VeraCrypt


Provided that there is disclosure. An overseas provider (as many will be) may not be subject to mandatory disclosure laws and may not voluntarily disclose.

Probably true. However the cloud server may be a more attractive target (get hundreds or thousands of people’s stuff in one attack) than a single PC - and you may end up being collateral damage.

Just for fun … there are some attacks that only work in a multi-user environment i.e. may not ever be available on a PC but are available on a random server on the internet.

Hacking is not the only risk though. There can be inside jobs - or indeed the provider’s business model may involve accessing the content that you store with them. So you would need to look at how much you are paying, if anything, and what the reputation of the provider is like.

I would look for a provider that has been independently audited for solid security practices and the results of the audit made available publicly.

Another consideration is whether the cloud storage is being used solely for backup (it’s the secondary copy, total loss is not a major drama, and you can easily encrypt it before uploading) or the cloud storage is being used as the primary copy.


The business model of cloud services, not just data storage, but applications, is that they will do it more reliably, more securely, and better than most users and SMEs will.

However, you get what you pay for.

Free storage offered by the likes of Google, MS, and Amazon should not be considered to be in the same class as serious paid for services, by those same companies or others.


I do exactly the same for anything stored remotely (not on the PC) and may be lost/potentially accessed by others. I encrypt both the files and the file structure.


Australia has no mandatory public disclosure laws.

4 Likes is well thought of amongst a group of Mac users I know… I had 390GB storage on at one stage, but then quite suddenly it was withdrawn from the market. I never actually used it for anything critical… not that I had much of that in the last 10 years… Currently I use the free level of Dropbox for storage of such things as databases for various apps I use, and free level for everything else.

Photographs are stored on two separate drives at home. If I have a fire, they are gone, but thems the breaks. Been considering a fireproof safe but… nah… I don’t update often enough to concern myself and looking back, wonder what I was thinking when I took some of them, UGH.

Many of my photography friends who are also professionals, keep their drives in various different locations, and sync them so they will always be updated. I have neither the will nor the time to bother with such… but if it was my job… that is exactly what I would do. This is something to consider if your job requires this level of safety.

I regularly clone my Mac Mini Drive, as well as the drive containing the photographs, so at least those are synced in two places. If you are on a Mac, Carbon Copy Cloner, or SuperDuper! are the go. I use SuperDuper! on my Macbook, and CCC on the Mini which has multiple drives attached.

I know, I am rambling. Its not yet 5.30am and I need coffee.


Sue, which version of MacOS are you using ? I’m under the impression that SuperDuper! cannot make bootable clones of Big Sur drives. I switched to CCC for this reason.

1 Like

Ahhh. My Macs are too old for Big Sur…. Macbook is a 2010 model (High Sierra) and thats what I use SuperDuper with, and CCC with the Mini (2012, Catalina)

1 Like

I always get confused by Mac OS names. No idea whether Hidden Dragon or Crouching Tiger came first - let alone High Noon and Catalan Country.

Tools like Dropbox and Google Drive should not be considered backups. They are at best alternative filing systems, and come with zero guarantees that your files will be there if you ever really need them.

I pay for my (encrypted) cloud backup with Carbonite, and have two different local backups. (Actually, more than two - two system backups and a couple of ‘important file’ backups.)

Its lucky then, that you don’t use Macs. You don’t need to know. Would you have been any the wiser if I referred to them by their numeric designation? MacOS 13? MacOS 15? :stuck_out_tongue:

1 Like

At least with the numeric designator one can (hopefully) know which is more recent.

I say hopefully because I cannot remember whether Windows 2000 was before or after Windows Millennium Edition - and Windows 95 was way before Windows 7.


Neither can I, but I can remember where Vista :roll_eyes: fitted into the scheme of things. Wikipedia has really useful pages listing the various versions of common operating systems. :slightly_smiling_face:


If you use commercial cloud storage from a company whose entire business is about secure data storage in one for or another, the risks are very, very low.

My cloud service provide is Synology who are most well know for Network Attached Storage (NAS) devices, and they take data protection very seriously indeed.


One year I had a high dollar procurement in progress for storage, and one company claimed we could never lose data with their product. Their product was actually very good and as good as it got at the time but I was never one to entertain salesmens puffery.

I asked if they would sign a contract giving me their company if we ever lost data on their product as a result of their product failing. Never heard the claim again, and no they would not. No matter how many ‘9s’ of reliability, it never hits 100% where they will bet their company on it. :wink:


I’m not sure what the point of that story is, but it really is WAY off the topic area of the original post! :roll_eyes:

No storage is 100% secure no matter who or where, even when supplied by the best provider on the best equipment available. Some may come close though.


I work in IT so I am going target my reply to being consumer level.

The answer is that online storage is as safe and secure as the person using it. Since that’s also true for your local storage, online storage will win out. I will put a caveat on that, though - your storage is safe if - and only if - you use a large provider like Google or Microsoft; smaller companies will be bought or won’t have the resources available to match their promises. Google gets bored with things at random, so this might sound weird, but I actually think Onedrive is a very good option. Maybe Apple are good - I don’t recall them having a slip that wasn’t user caused, & generally Apple customers are either very advanced, or have too much money & user their equipment like Fischer-Price for Adults - and not even Apple can protect people against themselves.

How private is your data? That’s another question. I have a rule of thumb: if data leaves your home, consider it public. I have another rule too: if you’re connected to the internet, you’re data isn’t safe unless you’re lucky or very, very good & you keep your systems guarded “blue team” style - a constant, never ending job of cat & mouse.

My recommendation is to use a tiered approach: find a way to store critical private data offline only & try to review every 3 months minimum; trust a provider for stuff like photos and stuff that won’t kill you if it got out (no nudes, unless you want that :)) like Google Drive/Photos (watch out for when Google pulls the services though - they do that all the time, you just can’t rely on them - takes years - but still) but also see if you can backup to the latest offline storage medium (e.g. USB external) (I think SSDs are probably the go now - do your homework for longevity - I don’t trust high capacity spindle disks); & try to clean out crap you don’t need.

It’s a pita, but tech is getting better.


Well said, Hohum!

  • online storage is as safe and secure as the person using it;
  • Backup critical data to offline hard-disks, maybe SSDs
  • If you do use online storage, do it with a large provider, and only for non-critical stuff - and assume that either it will (a) disappear unexpectedly and/or unexpectedly be made public.

Having said all of which, there is one more point of relevance with regard to ‘consumer-level’ users: their storage needs vary far more widely than those within the business and governmental sectors, ranging from those who have much the same storage needs as a small business, to those without any rational need for data backup at all! In between are a rather large group (possibly the majority, but I have seen no research on this) who use - or might reasonably use - cloud storage for what is essentially short-term warehousing, such as for shifting data between family members’ PCs. Given that the information being stored is generally of low sensitivity, for these people, ANY cloud storage is as secure and safe enough.

In the end, then, cloud storage safety and security is in the eye of the beholding user.